CVSS: 9.8EPSS: 1%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 10.0EPSS: 13%CPEs: 9EXPL: 0CVE-2007-1007
https://notcve.org/view.php?id=CVE-2007-1007
20 Feb 2007 — Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function. Vulnerabilidad de cadena de formato en GnomeMeeting 1.0.2 y anteriores permiten a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante cadenas de formato en el nombre, que no e... • ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2007-0980
https://notcve.org/view.php?id=CVE-2007-0980
16 Feb 2007 — Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. Vulnerabilidad no especificada en HP Serviceguard para Linux; empaquetado para SuSE SLES8 y United Linux 1.0 versiones anteriores a SG A.11.15.07, SuSE SLES9 y SLES10 versiones anteriores a SG A.11.16.10, y R... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00860750 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2006-4342
https://notcve.org/view.php?id=CVE-2006-4342
17 Oct 2006 — The kernel in Red Hat Enterprise Linux 3, when running on SMP systems, allows local users to cause a denial of service (deadlock) by running the shmat function on an shm at the same time that shmctl is removing that shm (IPC_RMID), which prevents a spinlock from being unlocked. En núcleo en Red Hat Enterprise Linux 3, al ejecutarse en sistemas SMP, permite a usuarios locales provocar una denegación de servicio (punto muerto) ejecutando la función shmat en un shm al mismo tiempo que shmctl está borrando ese ... • http://secunia.com/advisories/22497 • CWE-667: Improper Locking •
CVSS: 7.5EPSS: 30%CPEs: 7EXPL: 1CVE-2006-4997
https://notcve.org/view.php?id=CVE-2006-4997
09 Oct 2006 — The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). La función clip_mkip en net/atm/clip.c del subsistema ATM en el núcleo Linux permite a atacantes remotos provocar una denegación de servicio (panico) mediante vectores no identificados que provocan que el subsisstema ATM acceda a la me... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206265 • CWE-416: Use After Free •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2006-2933
https://notcve.org/view.php?id=CVE-2006-2933
27 Jul 2006 — kdesktop_lock in kdebase before 3.1.3-5.11 for KDE in Red Hat Enterprise Linux (RHEL) 3 does not properly terminate, which can prevent the screensaver from activating or prevent users from manually locking the desktop. kdesktop_lock en kdebase versiones anteriores a 3.1.3-5.11 para KDE en Red Hat Enterprise Linux (RHEL) 3 no termina apropiadamente, lo cual puede impedir que el salva-pantallas se active, o impedir que los usuarios bloqueen manualmente el escritorio. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=177755 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2005-3629
https://notcve.org/view.php?id=CVE-2005-3629
31 Dec 2005 — initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. • ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0CVE-2005-1918 – tar archive path traversal issue
https://notcve.org/view.php?id=CVE-2005-1918
31 Dec 2005 — The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". • ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 7%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 11%CPEs: 127EXPL: 1CVE-2005-3625
https://notcve.org/view.php?id=CVE-2005-3625
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •